TJX. RSA. PlayStation Network. They represent just a few of the major companies that have found themselves the victims of costly hacking incidents — as well as lurid headlines that lingered for months after the attacks were over.

There are many equally serious incidents that either go unreported or happen to smaller, less newsworthy companies. To many observers, it seems like it’s become child’s play for online attackers to access even the most sensitive corporate assets.

Hackers Will Get In

These penetrations happen even though every major corporation and government agency spends tremendous sums of money on Internet security. These defenses are robust, sophisticated and layered. They are managed by talented, highly trained professionals. And, in truth, the vast number of network security systems work exactly as intended. And yet, the bad guys get through.

According to the Association of Certified Fraud Examiners, 5 percent of company revenue is lost to fraud — with 80 percent of the loss coming from accounting, operations, sales, executive management, customer service or purchasing.

Does that mean that we can’t trust our own staff, especially those closest to our most sensitive data? Of course not.

The reality is that technological solutions can only go so far in protecting corporate assets. At some level, there remains a human being in the loop with direct access to core ERP and other financial systems. And we human beings are notoriously easy to fool into giving away our secrets.

Corporate Money Will Leak Out

It’s this simple, deceptive process, called “social engineering,” that makes fraud so simple and widespread. The statistics back up the concern. A recent survey from Check Point found that 75 percent of companies worldwide have experienced 25 or more social engineering attacks in the last two years, risking up to $13 million in annual losses.
